Fuzzing: Brute Force Vulnerability Discovery by Michael Sutton, Adam Greene, Pedram Amini

We hope that at this point we have been able to paint a clear picture of what fuzzing is, why it is effective, and how it can be implemented to unveil hidden faults in program code. Up front, we mentioned that this book is geared toward three distinct target audiences that can benefit from the power of fuzzing: developers, QA team members, and security researchers. In this chapter we break down the software development lifecycle (SDLC) to determine where each of these groups can apply fuzzing to build secure software.